Newsvine Fraud News

April 22, 2016

Ransomware cyber attacks are growing and it can happen to anyone, anywhere. The attacks can be on a personal computer or even take down an entire network at a hospital. Organizations posing as law enforcement, government agencies, banks, and credit card companies are using deceptive links and websites to install malware - which essentially holds all of your files ransom, encrypts and demands payment to restore them.

But this doesn’t have to happen to you. There are several very simple steps which can help safeguard you from attacks.

Anti-virus software - Every personal computer should have it. There are a lot commercial anti-virus software programs to choose from, and they are worth the investment. Once you have the software, make sure that it’s installed correctly with the most up-to-date version, that it’s always on, and that you have it set to alert you when there are updates to install.

If your computer does become infected and you don’t have an anti-virus program set up, you can install one to “clean” your computer, but you may need additional assistance to help restore your hard drive.

Anti-virus programs are equally, if not more important, for businesses – but because most businesses have software on their computers which prohibit users from downloading software it’s up to the company’s IT department to keep their users protected. Most business updates need to be done via a server to all their user’s computers and devices; this includes not only anti-virus software, but operating systems and third-party applications. Businesses should conduct security training for their users, as to what is and isn’t acceptable on company devices, including mobile ones. In addition, there should be computer usage, security, and security awareness policies in place.

Corporate IT departments need to routinely conduct risk assessments, as well as alert users of any new viruses or bogus and fraudulent emails that may be circulating.

Back up Everything, Frequently – It is essential that you are backing up your files on a regular basis. If you are hit with ransomware or any other type of virus and your computer and its files can’t be saved, you will have your backups to do a system restore or rebuild.

Consider The Cloud – Rather than keeping all of your files on a hard drive or server, consider moving bigger more important files to the cloud. Cloud storage will allow you to access your files remotely without the risk of them being infected by ransomware if your computer or server is hit.

Keep Everything Up-To-Date – It’s not just your anti-virus software that you need to keep updated. You should also keep your operating system and all of your programs updated with the latest versions. By keeping them updated you’ll be on top of any issues that may arise, as well as alerted to security warnings from the software manufacturers.

Avoid Suspicious Sites and Emails – If you are unsure of the sender, or an email comes with an attachment you aren’t expecting, delete it. Opening a suspicious email or clicking on a suspicious site could launch ransomware onto your computer.

It’s important that you make sure that all of your family, co-workers and employees know the risks of ransomware and how to protect themselves and that they should never pay the ransom. Not only is it feeding into criminal activity, but there is no guarantee you’ll get the encryption code promised to get full functionality back to your computer.

February 29, 2016

With just one click your files, credit cards, medical records and other personal information could be hacked with ransomware malware. Earlier this month, a cyberattack on Hollywood Presbyterian Medical Center took the hospital’s medical records hostage, demanding ransom in the form of Bitcoins.

Bitcoin is a virtual currency. Transactions are made anonymously without bank involvement. Since Bitcoins aren’t tied to any country or subject to any regulations, international payments are easy and cheap. Every user has a Wallet ID, but the names of the buyers and sellers are never revealed. This level of anonymity provides the perfect breeding ground for transactions such as ransomware.

It would be nice if there was a list of things to look for to help prevent these attacks, but ransomware is evolving. Hackers are finding new ways to completely lock your computer systems and block access to all of your files and encrypt them. Emails that look like they are coming from utility companies, credit card companies, and even banks contain files that once they are clicked will overtake your system.

While Hollywood Presbyterian Medical Center chose to pay the ransom via Bitcoin citing the need to get back patient medial records and the hospital back up and running as soon as possible, paying ransom isn’t the way to go.

First, even if you pay whatever is being asked there is no guarantee you’ll get the encryption code to access your files, and since nearly all of these ransom requests are made through anonymous payment methods – like Bitcoin – there’s no tracing where the money went, therefore no way to go after the attacker.

Second, if you pay the ransom the hackers may see you as an easy target and come back for more.

Third, by paying ransom you are feeding into the criminality of the entire operation. Providing money to these hackers will allow them to up their game with new malware and build out the ransomware malware network.

If anything looks suspicious in your email don’t click it, and if you think you’ve been infected by malware shut down your computer and disconnect it from any server in order to minimize the risk of infecting the entire network.

There are five fundamental thinks you should always remember to do when working on your computer while connected the Internet:

Count to ten and think before you click: Do not click on any URL embedded in an email, even from someone you know, unless you confirm that email came from the sender.

Update everything: Keep your operating system updated otherwise you might be dismissing an important security update.

Backup your files: If you fail to do anything else, this is the most important task you must do on a daily basis. There are many external trusted sites you can use to backup your computer

Secure you wireless network: Make sure you use a strong password when setting up your Wi-Fi router

Use strong password: Avoid using your cat and dog names. Instead include at least one number, a capital letter, symbols such as # or $, and make your password is at least six characters.

July 20, 2008

Every day, security analysts and the other professionals responsible for infrastructure monitoring and protection receive a series of alerts from the various hardware and software components that make up their technology architecture.The key challenge lies in prioritizing these alerts, and determining which ones require immediate attention.

False positives, incidents where security alerts are triggered even though no breach event has actually occurred, are becoming more and more common.Many intrusion detection systems are designed to uncover even the slightest unauthorized activity, looking not just for actual intrusions, but for any possible intrusion.As a result, they are often configured in such a way that a high number of false positives are also generated in addition to valid alerts.These can cost companies a tremendous amount of time and money, and distract incident responders from those alerts that really do require further investigation.

However, industry experts recommend several ways to reduce the number of false positives.These suggestions include:

Fine-tuning systems

Many security systems are, by default, extremely sensitive.But, their configurations can often be easily adjusted, to allow for more rigid definition of the criteria and thresholds that will trigger an alert.Begin by reviewing past audit logs to identify those actions that most often result in false positives, and set system controls to ignore those activities.

Using intelligent event correlation

Many experts believe that the future of enterprise security monitoring lies in event correlation, the ability for systems to leverage human-type intelligence to more effectively weed out false positives.For example, multiple failed logins alone may not be enough to warrant a full-blown investigation.Many of the more advanced systems will be able to dynamically perform further analysis and gather additional evidence, such as determining which IP address the logins were attempted from, before triggering an alert.

Applying visualization techniques

A study conducted by the Department of Computer Science at the University of Virginia suggests that – particularly in massive data sets – the textual relaying of suspicious activity data alone can create an unacceptable number of false positives.The report goes on to claim that by allowing system administrators and security analysts to visually analyze the same information using sophisticated graphics, it will be easier for them to identify the activity that represents low or no threat, and allow for faster detection of true malfunctions and breaches.

Conducting more in-depth training

While false alarms cannot be eliminated completely, they can be more rapidly dismissed.By training incident response teams to better tell the difference between a real alert and a false one, companies can avoid wasting precious staff time and incurring unnecessary expenditures.